<?php
include("../dbInfo.php");

$email = $_POST["email"];
$password = $_POST["password"];
$email = mysql_real_escape_string(stripslashes($email));
$password = mysql_real_escape_string(stripslashes($password));

$pass = sha1($password);

$user = mysql_query("SELECT `userID`, `accountType`, `name` FROM `accounts` WHERE `email` = '$email' AND `password` = '$pass'") or die(mysql_error());

if(mysql_num_rows($user) > 0) {
	$row = mysql_fetch_assoc($user);
	session_start();
	$_SESSION["ls_name"] = $row["name"];
	$_SESSION["ls_accounttype"] = $row["accountType"];
	if($row["accountType"] == "admin") {
		$_SESSION["ls_userid"] = $row["userID"];
		echo "1";
	}
	else {
		$_SESSION["ls_userid"] = $row["userID"];
		echo "2";
	}
}
else {
	echo "<p align='center' style='background: #FAAFBE; border: 1px solid #FF0000; padding: 20px 0px;'>Invalid login, please try again.</p>";
}
?>